Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-38175 CRITICAL

Azure Managed Instance for Apache Cassandra - Privilege Escalation

CVE-2024-42919 CRITICAL

eScan Management Console <14.0.1400.2281 - Privilege Escalation

CVE-2024-27187 HIGH

Joomla! 4.0.0 through 4.4.7 - Improper Access Control

CVE-2024-43409 MEDIUM

Ghost 4.46.0-5.89.4 - Improper Access Control

CVE-2024-43397 MEDIUM

Apollo < 2.3.0 - Improper Access Control via Synchronization Configuration

CVE-2024-43377 MEDIUM

Umbraco CMS 14.0.0-14.1.1 - Authenticated Improper Access Control

CVE-2024-42559 CRITICAL

Hotel Management System - Auth Bypass

CVE-2024-7921 MEDIUM

JieLink+ JSOTC2016 < 20240805 - Improper Access Control in ParkOutRecord GetDataList Endpoint

CVE-2024-7920 MEDIUM

JieLink+ JSOTC2016 < 20240805 - Improper Access Control in GetParkInThroughDeivces Endpoint

CVE-2024-7919 MEDIUM

JieLink+ JSOTC2016 < 20240805 - Improper Access Control in ParkChargeRecord GetDataList Endpoint

CVE-2024-6221 HIGH

corydolphin/flask-cors 4.0.1 - Info Disclosure

CVE-2024-42967 CRITICAL

TOTOLINK LR350 V9.3.5u.6369_B20220309 - Info Disclosure

CVE-2024-28050 MEDIUM

Intel Arc & Iris Xe Graphics < 31.0.101.4824 - Authenticated Denial of Service via Local Access

CVE-2024-26022 HIGH

Intel Aptio V UEFI Firmware < 5.05.04.0008, < 5.13.00.2106, < 5.13.00.2109, < 5.27.06.0019 - Privilege Escalation

CVE-2024-25576 HIGH

Intel(R) FPGA <24.1 - Privilege Escalation

CVE-2024-24986 HIGH

Linux kernel mode driver <28.3 - Privilege Escalation

CVE-2024-39414 MEDIUM

Adobe Commerce <=2.4.7-p1 - Improper Authorization leading to Security Feature Bypass

CVE-2024-38163 HIGH

Microsoft Windows Update Stack - Elevation of Privilege

CVE-2024-38223 MEDIUM

Windows Initial Machine Configuration - Privilege Escalation

CVE-2024-38195 HIGH

Azure CycleCloud 8.0.0-8.6.2 - Remote Code Execution

CVE-2024-38162 HIGH

Azure Connected Machine Agent - Privilege Escalation

CVE-2024-36505 MEDIUM

FortiOS <7.4.3, <7.2.7, <7.0.14, <=6.4 - Privilege Escalation

CVE-2024-41905 MEDIUM

SINEC Traffic Analyzer < 2.0 - Authenticated Sensitive Information Exposure via Improper Access Control

CVE-2024-41732 MEDIUM

SAP NetWeaver Application Server ABAP - Unauthenticated CSS Injection via URL Link

CVE-2024-42480 HIGH

Kamaji <1.0.0 - Privilege Escalation

Previous Page 99 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy